In the end of the installation, an admin account will be created and the API key for admin will be displayed. For demo purpose, we will keep it in conjur_admin environment variable. In production, please keep it safe.

Authentication as human

Most API calls require an authentication access token in the header. Here’s how to obtain it if you’re a human user:

Use a username and password to obtain an API key (refresh token) with the Authentication > Login method.

Use the API key to obtain an access token with the Authentication > Authenticate method.

If you’re a machine, your API key will be provided by your operator. This will be covered in later steps.

Access tokens expire after 8 minutes. You need to obtain a new token after it expires. Token expiration and renewal is handled automatically by the Conjur client libraries.

Login

Gets the API key of a user given the username and password via HTTP Basic Authentication.

Passwords are stored in the Conjur database using bcrypt with a work factor of 12. Therefore, login is a fairly expensive operation. However, once the API key is obtained, it may be used to inexpensively obtain access tokens by calling the Authenticate method. An access token is required to use most other parts of the Conjur API.

Append policies

Adds data to the existing Conjur policy. Deletions are not allowed. Any policy objects that exist on the server but are omitted from the policy file will not be deleted and any explicit deletions in the policy file will result in an error.

Note: entity IDs must be URL-encoded
Any identifier included in the URL must be URL-encoded to be recognized by the Conjur API.

Debugging Scenarios

Help

Katacoda offerings an Interactive Learning Environment for Developers. This course uses a command line and a pre-configured sandboxed environment for you to use. Below are useful commands when working with the environment.

cd <directory>

Change directory

ls

List directory

echo 'contents' > <file>

Write contents to a file

cat <file>

Output contents of file

Vim

In the case of certain exercises you will be required to edit files or text. The best approach is with Vim. Vim has two different modes, one for entering commands (Command Mode) and the other for entering text (Insert Mode). You need to switch between these two modes based on what you want to do. The basic commands are: